Vulnerability CVE-2008-6680: Information

Description

libclamav/pe.c in ClamAV before 0.95 allows remote attackers to cause a denial of service (crash) via a crafted EXE file that triggers a divide-by-zero error.

Severity: MEDIUM (5.0)

URL: https://nvd.nist.gov/vuln/detail/CVE-2008-6680
Published: April 8, 2009
Modified: Aug. 17, 2017
Error type identifier: CWE-189

References to Advisories, Solutions, and Tools

Hyperlink
Resource
https://wwws.clamav.net/bugzilla/show_bug.cgi?id=1335
  • Vendor Advisory
[oss-security] 20090407 Re: CVE request: clamav clamd and clamscan DoS and bypass by malformated archive
    USN-754-1
      ADV-2009-0934
        34716
          DSA-1771
            MDVSA-2009:097
              34357
                http://support.apple.com/kb/HT3865
                  36701
                    APPLE-SA-2009-09-10-2
                      clamav-exe-dos(49845)

                          1. Configuration 1

                            cpe:2.3:a:clamav:clamav:0.93.1:*:*:*:*:*:*:*
                            cpe:2.3:a:clamav:clamav:0.94:*:*:*:*:*:*:*
                            cpe:2.3:a:clamav:clamav:*:*:*:*:*:*:*:*
                            End including
                            0.94.2
                            cpe:2.3:a:clamav:clamav:0.94.1:*:*:*:*:*:*:*
                        VKontakte|Telegram|YouTube|Forum|GitHub|Bugzilla
                        Version: v24.4.2
                        Back to top